• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.4 no.3
• /
• pp.150-154
• /
• 2003

This paper designs the secure FTP model which provides origin non-repudiation and receipt non-repudiation service that sender and recipient profit of each other to prevent the repudiated of transmission of message and which provides the delivery non-repudiation service to prevent the repudiated of file reception and fact of the transmission failure of an error from the network. The FTP model which is designed to use the GSS-API and in order to have compatibility from source level, with security service it provided the interface which is consistent, establishes the secure context which application client and application server for is safe the session key which overhead from opening to the public key system with efficient key use and it used it minimized.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.9C
• /
• pp.1345-1351
• /
• 2004

Due to the overwhelming importance the Internet gained nowadays, more and more sophisticated security services are requested. However many applications such as Internet Banking, Home Trading System, Electronic Medical Recede, electronic commerce, etc. are related to non-repudiation. Non-repudiation services are one of these new security requirements. ill comparison to other security issues, such as privacy or authenticity of communications, non-repudiation has not been studied intensively. Informally, we say that a protocol is fair if at the end of the protocol execution either originator receives a non-repudiation of receipt evidence and recipient receives a non-repudiation of origin evidence or none of them receives any valid evidence. The most non-repudiation protocols rely on a trusted third party(TIP) that has to intervene during each protocols run. the TIP may create a communication bottleneck. ill this paper, we suggest the digital signature recorder that guarantees fairness logically and supplies minimal network bottleneck to be composed verification server physically.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.26 no.11C
• /
• pp.24-32
• /
• 2001

Recently, in the case that provides electronic services using Internet, we need the non-repudiation service that supplies a technological evidence about actions between a sender and a receiver that violate the promised protocol. Also, this service offers legal evidences while producing controversy. In this paper, we propose a protocol that improves the efficiency and offers the fairness of non-repudiation service by the extension of ability of TTP (Trusted Third Party). The proposed protocol adds a Time Check function and an Alert Message to extend the ability of TTP. Through the computer simulation, we prove that the proposed protocol has better efficiency than previous protocols.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.25 no.9A
• /
• pp.1387-1394
• /
• 2000

The SSL(Secure Socket Layer) protocol is one of the mechanism widely used in the recent network system. The improved information security mechanism based on the SSL is designed in this paper. There are important four information security services. The first is the authentication service using the Certificate offered from the SSL(Secure Socket Layer), the second is the message confidentiality service using the DES encryption algorithm, the third is the message integrity service using Hash function, and the fourth is Non-repudiation service. Therefore, information could be transferred securely under the information security mechanism including Non-repudiation service especially designed in this paper.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.12
• /
• pp.6092-6115
• /
• 2017

This paper demonstrates a case for an end-to-end pure Application Security Layer for reliable and confidential communications within an Internet of Things (IoT) constrained environment. To provide a secure key exchange and to setup a secure data connection, Transport Layer Security (TLS) is used, which provides native protection against replay attacks. TLS along with digital signature can be used to achieve non-repudiation within app-to-app communications. This paper studies the use of TLS over the JavaScript Object Notation (JSON) via a The Constrained Application Protocol (CoAP) RESTful service to verify the hypothesis that in this way one can provide end-to-end communication flexibility and potentially retain identity information for repudiation. As a proof of concept, a prototype has been developed to simulate an IoT software client with the capability of hosting a CoAP RESTful service. The prototype studies data requests via a network client establishing a TLS over JSON session using a hosted CoAP RESTful service. To prove reputability and integrity of TLS JSON messages, JSON messages was intercepted and verified against simulated MITM attacks. The experimental results confirm that TLS over JSON works as hypothesised.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1283-1292
• /
• 2012

As delivery services market has grown the damage cases are also continuously increased. When using delivery services, Customers would not be compensated in any way. Perhaps worse, losing a cargo would create a great deal of trouble. Because the lack of evidence, they takes a lot of time to clarify who is responsible. To prevent these things, we must create, collect, maintain and confirm. In this paper, we introduce new delivery system with a trusted third party for non-repudiation services. Moreover, in damage case, we show that the proposed system is efficient and provide non-repudiation. Using sending and receiving codes, the proposed system identifies a responsible subject with quickness and clearness.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2000.04a
• /
• pp.318-323
• /
• 2000

The SSL(Secure Socket Layer) protocol is one of the mechanism widely used in the recent network system. The improved information security mechanism based on the SSL is designed in this paper. There are important four information security services. The first is the authentication service using the Certificate offered from the SSL(Secure Socket Layer), the second is the message confidentiality service using the DES encryption algorithm, the third is the message integrity service using Hash function, and the fourth is Non-repudiation service. Therefore, information could be transferred securely under the information security mechanism including Non-repudiation service especially designed in this paper.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.5
• /
• pp.1726-1743
• /
• 2014

DDoS (Distributed Denial of Service) has been a continuous threat to the cyber world with the growth in cyber technology. This technical evolution has given rise to a number of ultra-sophisticated ways for the attackers to perform their DDoS attack. In general, the attackers who generate the denial of service, use the vulnerabilities of the TCP. Some of the vulnerabilities like SYN (synchronization) flooding, and IP spoofing are used by the attacker to create these Distributed Reflected Denial of Service (DrDoS) attacks. An attacker, with the assistance of IP spoofing creates a number of attack packets, which reflects the flooded packets to an attacker's intended victim system, known as the primary target. The proposed scheme, Efficient Spoofed Flooding Defense (ESFD) provides two level checks which, consist of probing and non-repudiation, before allocating a service to the clients. The probing is used to determine the availability of the requested client. Non-repudiation is taken care of by the timestamp enabled in the packet, which is our major contribution. The real time experimental results showed the efficiency of our proposed ESFD scheme, by increasing the performance of the CPU up to 40%, the memory up to 52% and the network bandwidth up to 67%. This proves the fact that the proposed ESFD scheme is fast and efficient, negating the impact on the network, victim and primary target.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.4
• /
• pp.99-106
• /
• 2017

With the advent of virtual money such as bit coins, interest in the block chain is increasing. Block Chain is a technology that supports Distributed Ledger and is a versatile technology applicable to various fields. Currently, the block chain is conducting research for various applications such as virtual money, trade finance, marketplace, power market, image contents service, and IoT. The technologies that make up the block chain are smart contract, digital signature/hash function and consensus algorithm. And these technologies operate on P2P networks. In this paper, we have studied e-mail system based on the ethereum which is one of the block chain based technologies. Most legacy mail systems use SMTP and the POP3/IMAP protocol to send and receive e-mail, and e-mail use S/MIME to protect the e-mail. However, S/MIME is vulnerable to DDoS attacks because it is configured centrally. And it also does not provide non-repudiation of mail reception. To overcome these weaknesses, we proposed an e-mail system model based on ethereum. The proposed model is able to cope with DDoS attack and forgery prevention by using block chain based technology, and reliable recording and management among block chain participants are provided, so that it is possible to provide a non-repudiation function of e-mail transmission and reception.

• Journal of Korea Multimedia Society
• /
• v.6 no.3
• /
• pp.518-526
• /
• 2003

According to the development of mobile communications, the future mobile communication systems are expected to provide high quality multimedia service to users. Therefore, many technical factors we needed in these systems. Especially the confidentiality and the security would be obtained through the introduction of the security for mobile communications. In this paper, we propose an efficient Proxy-Signcryption scheme, which can be performed digital signature and encryption by using the proxy agent who has more computational power under mobile communications environment. The proposed scheme provides non-repudiation and prevents creating illegal signature by the origin and proxy agent in a phase of proxy signature processing. This scheme also keeps the confidentiality and the security in mobile communication by means of confirming the signature by right receiver.